From 90bab53dc9088e61e3c99d4d58622ff2d14808ee Mon Sep 17 00:00:00 2001 From: Victor Boctor Date: Tue, 18 Apr 2017 18:32:15 -0700 Subject: [PATCH] Fix access denied loop when user not logged in Fixes #22740 --- core/authentication_api.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/core/authentication_api.php b/core/authentication_api.php index f39b9d6756..91bb387820 100644 --- a/core/authentication_api.php +++ b/core/authentication_api.php @@ -83,6 +83,12 @@ */ function auth_flags( $p_user_id = null, $p_username = '' ) { if( is_null( $p_user_id ) ) { + # If user id is not provided and user is not authenticated return default flags. + # Otherwise, we can get into a loop as in #22740 + if( !auth_is_user_authenticated() ) { + return new AuthFlags(); + } + $t_user_id = auth_get_current_user_id(); } else { $t_user_id = (int)$p_user_id;